<?php
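// Page skeleton that the final render step at the bottom of this file fills in.
$templatefile = "includes/template.html";
// presumably vars.php supplies $dbhost/$dbuser/$dbpass/$dbname and the display
// settings, and containers.php the *table templates used below; verify
include "includes/vars.php";
include "includes/containers.php";

// A failed connection must not echo the host, account name, password or driver
// error into the response body: the details go to the server error log and the
// visitor only gets a generic message.
// NOTE(review): ext/mysql (mysql_*) was removed in PHP 7; this file needs a port
// to PDO or mysqli with prepared statements to run on a supported PHP.
$link = mysql_connect($dbhost, $dbuser, $dbpass);
if (!$link) {
    error_log('Database connection failed: ' . mysql_error());
    die('Cannot connect to database.');
}

if (!mysql_select_db($dbname)) {
    error_log('Database selection failed: ' . mysql_error());
    die("Database not found.");
}

// Horizontal rule appended after every rendered book entry.
$hLine = '<HR color=#BCCBFC>';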
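/**
 * Builds the "Read by" paragraph shown under a book entry.
 *
 * @param mixed $readNuumber Value to display; callers in this file pass one
 *                           column of a books row.
 * @return string HTML paragraph with the value HTML-escaped.
 */
function getReadBy($readNuumber){
	// Escaped before it is embedded in markup, so a non-numeric value cannot add tags.
	return '<P>Read by : ' . htmlspecialchars((string) $readNuumber, ENT_QUOTES, 'UTF-8') . ' <BR></P>';
}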

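/**
 * Builds the download button for a book.
 *
 * @param mixed $link Book id placed in the BID query parameter.
 * @return string Anchor markup pointing at index.php?act=download.
 */
function getDwonloadBookLink($link){
	// URL-encode the id so it cannot close the HREF attribute or add parameters;
	// a plain integer id comes out unchanged.
	return '<A HREF="index.php?act=download&BID=' . urlencode((string) $link) . '"><img src="images/downloadThisBook.gif" BORDER=0></A>';
}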

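if (!isset($_GET['act'])){

    // Front page: three shelves (exclusive, pick of the month, new), each showing
    // the newest $bktoshownum books, substituted into the $contenttable template.
    //
    // Changes from the earlier copy-pasted version:
    //  - the author is looked up fresh for every book, so a book without an author
    //    no longer shows the previous book's author;
    //  - failed queries are checked before rows are fetched from them;
    //  - ids concatenated into SQL are cast to int.
    // NOTE(review): titles, image paths and author names are written into the page
    // exactly as stored. If those columns can be edited by anyone who is not fully
    // trusted they need htmlspecialchars() on output.
    // NOTE(review): closures need PHP 5.3+; ext/mysql needs PHP < 7.

    // Never 0: the value is also the pagination divisor.
    $perPage = max(1, (int) $bktoshownum);

    // Returns the authors row of the first author linked to the book, or null
    // when either lookup fails or finds nothing.
    $findAuthor = function ($bookId) {
        $linkResult = mysql_query("SELECT BA_AUTH_ID FROM bk_auth WHERE BA_BOOK_ID = " . (int) $bookId);
        $linkRow = $linkResult ? mysql_fetch_row($linkResult) : false;
        if (!$linkRow) {
            return null;
        }
        $authorResult = mysql_query("SELECT * FROM authors WHERE A_ID = " . (int) $linkRow[0]);
        $authorRow = $authorResult ? mysql_fetch_row($authorResult) : false;
        return $authorRow ? $authorRow : null;
    };

    // Renders one shelf. $flagColumn is always a literal from the calls below,
    // never request data. $open/$close are the paragraph tags the shelf used
    // before; $needLastName keeps the pick-of-the-month rule of printing the
    // "By:" line only when the third authors column is non-empty.
    $renderShelf = function ($flagColumn, $open, $close, $needLastName) use ($findAuthor, $perPage, $websitename, $hLine) {
        $html = "";
        $result = mysql_query("SELECT * FROM books WHERE " . $flagColumn . " = 1 ORDER BY `B_ID` DESC LIMIT 0," . $perPage);
        if (!$result) {
            return $html;
        }
        while ($row = mysql_fetch_row($result)) {
            // presumably $row = id, title, file path, image path, read count, ...; verify against the books table
            $author = $findAuthor($row[0]);

            $html .= $open . '<a href="view.php?bkID=' . $row[0] . '"><img border="0" width="100" height="150" src="' . $websitename . $row[3] . '"><br>';
            $html .= $row[1] . '</a><br>';
            if ($author !== null && (!$needLastName || $author[2])) {
                $html .= 'By: <a href="view.php?authID=' . $author[0] . '">' . $author[1] . " " . $author[2] . '</a><BR>' . $close;
            }

            $html .= getReadBy($row[4]);
            // A download button only when the third column holds something other than "" or the text "NULL".
            if (trim($row[2]) != "" && trim($row[2]) != "NULL") {
                $html .= getDwonloadBookLink($row[0]);
            }
            $html .= $hLine;
        }
        return $html;
    };

    // Renders the "page 1 of N" footer of a shelf with a link to page 2 when
    // there is one. A failed count query falls back to 5 records, as before.
    $renderPager = function ($flagColumn, $cat) use ($perPage, $websitename) {
        $result = mysql_query("SELECT B_ID FROM books WHERE " . $flagColumn . " = 1");
        $numrecords = $result ? mysql_num_rows($result) : 5;
        $numpages = (int) ceil($numrecords / $perPage);

        $nextlink = "";
        if ($numpages > 1) {
            $nextlink = '<A HREF="index.php?act=list&cat=' . $cat . '&page=2"><img src="' . $websitename . '/images/ib_next.gif" border="0"></A>';
        }
        return '<P align="right">' . "page 1 of " . $numpages . ' ' . $nextlink . '</P>';
    };

    // exclusive books
    $books_exc = $renderShelf('B_TYPE_EXC', '<p>', '</p>', false) . $renderPager('B_TYPE_EXC', 'exc');

    // pick of the month (this shelf has no pager)
    $books_potm = $renderShelf('B_TYPE_POTM', '<P>', '</P>', true);

    // New books
    $books_new = $renderShelf('B_TYPE_NEW', '<p>', '</P>', false) . $renderPager('B_TYPE_NEW', 'new');

    // prepare and print the table
    $contenttable = str_replace("<!--POTM-->", $books_potm, $contenttable);
    $contenttable = str_replace("<!--EXC-->", $books_exc, $contenttable);
    $contenttable = str_replace("<!--NEWBOOKS-->", $books_new, $contenttable);

    $content = $contenttable;

}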



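else if ($_GET['act'] == "list"){

    // Paged listing of one shelf.
    //
    // `cat` used to be concatenated into the SQL text as part of a column name and
    // echoed into the pager links, and `page` was echoed as typed. Both come from
    // the query string, so:
    //  - cat must be one of the keys below and the column name is taken from this
    //    table, never from the request;
    //  - page is forced to an integer >= 1 before it reaches SQL or HTML.
    // NOTE(review): ext/mysql offers no bound parameters; port to PDO/mysqli
    // prepared statements when this file is moved to a supported PHP.
    $typeColumns = array(
        'new'  => 'B_TYPE_NEW',
        'exc'  => 'B_TYPE_EXC',
        'potm' => 'B_TYPE_POTM',
        'newm' => 'B_TYPE_NEWM',
        'nonm' => 'B_TYPE_NONM',
    );

    $cat = (isset($_GET['cat']) && is_string($_GET['cat'])) ? $_GET['cat'] : '';
    $page = isset($_GET['page']) ? max(1, (int) $_GET['page']) : 1;
    // Never 0: the value is also the pagination divisor.
    $perPage = max(1, (int) $bktoshownum);

    $result = false;
    if (isset($typeColumns[$cat])){
        $sql = "SELECT * FROM books WHERE " . $typeColumns[$cat] . "=1 ";
        // Only these three shelves were ordered newest-first before.
        if (in_array($cat, array('new', 'potm', 'exc'), true)){
            $sql .= "ORDER BY `B_ID` DESC ";
        }
        $sql .= "LIMIT " . (($page - 1) * $perPage) . ", " . $perPage;
        $result = mysql_query($sql);
    }

    if ($result){

        $books_list = "";
        while ($row = mysql_fetch_row($result)){

            // Reset per book so one book's author is never printed on the next.
            $author = null;
            $authresult = mysql_query("SELECT BA_AUTH_ID FROM bk_auth WHERE BA_BOOK_ID = " . (int) $row[0]);
            if ($authresult && ($authrow = mysql_fetch_row($authresult))){
                $authresult2 = mysql_query("SELECT * FROM authors WHERE A_ID = " . (int) $authrow[0]);
                if ($authresult2 && ($authrow2 = mysql_fetch_row($authresult2))){
                    $author = $authrow2;
                }
            }

            // NOTE(review): stored titles, image paths and author names are emitted unescaped.
            $books_list .= '<p><a href="view.php?bkID=' . $row[0] . '"><img border="0" width="100" height="150" src="' . $websitename . $row[3] . '"><br>';
            $books_list .= $row[1] . '</a><br>';
            if ($author !== null && isset($author[2])){
                $books_list .= 'By: <a href="view.php?authID=' . $author[0] . '">' . $author[1] . " " . $author[2] . '</a><BR></P>';
            }

            $books_list .= getReadBy($row[4]);
            if (trim($row[2]) != "" && trim($row[2]) != "NULL"){
                $books_list .= getDwonloadBookLink($row[0]);
            }
            $books_list .= $hLine;
        }

        // Total page count; a failed count query falls back to 5 records, as before.
        $countResult = mysql_query("SELECT B_ID FROM books WHERE " . $typeColumns[$cat] . " = 1");
        $numrecords = $countResult ? mysql_num_rows($countResult) : 5;
        $numpages = (int) ceil($numrecords / $perPage);
        $pagenum = "page " . $page . " of " . $numpages;

        // $cat is a whitelist key and $page an int, so both are safe inside the HREF.
        $prevlink = "";
        if ($page > 1){
            $prevlink = '<A HREF="index.php?act=list&cat=' . $cat . '&page=' . ($page - 1) . '"><img src="' . $websitename . '/images/ib_previous.gif" border="0"></A>';
        }

        $nextlink = "";
        if ($numpages > $page){
            $nextlink = '<A HREF="index.php?act=list&cat=' . $cat . '&page=' . ($page + 1) . '"><img src="' . $websitename . '/images/ib_next.gif" border="0"></A>';
        }

        $books_list .= '<P align="right">' . $prevlink . ' ' . $pagenum . ' ' . $nextlink . '</P>';

        // prepare heading
        switch ($cat){
            case 'new':  $heading = $newbooks;       break;
            case 'exc':  $heading = $exclusivebooks; break;
            case 'potm': $heading = $pickofthemonth; break;
            case 'newm': $heading = $bksfornewm;     break;
            default:     $heading = $bksfornonm;     break; // 'nonm', the only key left
        }

        // prepare and print the table
        $listtable = str_replace("<!--HEADING-->", $heading, $listtable);
        $listtable = str_replace("<!--LIST-->", $books_list, $listtable);

        $content = $listtable;

    }
    else{
        // Unknown cat or failed query.
        $content = "Sorry, could not get the list";
    }

}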





// library books
else if ($_GET['act'] == "lib"){

    //if by category
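    if ($_GET['cat'] == "cat"){

        // Browse by category: lists the sub-categories of catID (0 = top level) and,
        // for a real category, one page of its books with prev/next links.
        //
        // catID and page arrive in the query string and used to be concatenated into
        // three SQL statements and echoed into the pager links as typed. Both are
        // now forced to integers once, here, and only the integers are used below.
        // NOTE(review): ext/mysql offers no bound parameters; port to PDO/mysqli
        // prepared statements when this file is moved to a supported PHP.
        $catID = isset($_GET['catID']) ? (int) $_GET['catID'] : 0;
        $page = isset($_GET['page']) ? max(1, (int) $_GET['page']) : 1;
        // Never 0: the value is also the pagination divisor.
        $perPage = max(1, (int) $bktoshownum);

        if ($result = mysql_query("SELECT * FROM categories WHERE CAT_PARENT_ID = " . $catID)){

            // prepare categories list
            // NOTE(review): the category name ($row[1]) is emitted unescaped.
            $catlist = '';
            while ($row = mysql_fetch_row($result)){
                $catlist .= '<A HREF="index.php?act=lib&cat=cat&catID=' . $row[0] . '&page=1">' . $row[1] . '</A><BR>';
            }

            $bookslist = "";
            $navlinks = "";

            // Prepare the book list for this category
            if ($catID > 0){

                $sql = "SELECT * FROM book_cat WHERE BC_CAT_ID = " . $catID . " LIMIT " . (($page - 1) * $perPage) . ',' . $perPage;

                if ($result = mysql_query($sql)){

                    $printedbooks = 0;
                    while ($row = mysql_fetch_row($result)){

                        // The first book_cat column is used as the book id.
                        $bresult = mysql_query("SELECT * FROM books WHERE B_ID = " . (int) $row[0]);
                        if (!$bresult || mysql_num_rows($bresult) < 1){
                            continue;
                        }
                        $brow = mysql_fetch_row($bresult);

                        // Reset per book so one book's author is never printed on the next.
                        $author = null;
                        $authresult = mysql_query("SELECT BA_AUTH_ID FROM bk_auth WHERE BA_BOOK_ID = " . (int) $brow[0]);
                        if ($authresult && ($authrow = mysql_fetch_row($authresult))){
                            $authresult2 = mysql_query("SELECT * FROM authors WHERE A_ID = " . (int) $authrow[0]);
                            if ($authresult2 && ($authrow2 = mysql_fetch_row($authresult2))){
                                $author = $authrow2;
                            }
                        }

                        // NOTE(review): stored titles, image paths and author names are emitted unescaped.
                        $bookslist .= '<p><a href="view.php?bkID=' . $brow[0] . '"><img border="0" width="100" height="150" src="' . $websitename . $brow[3] . '"><br>';
                        $bookslist .= $brow[1] . '</a><br>';
                        if ($author !== null){
                            $bookslist .= 'By: <a href="view.php?authID=' . $author[0] . '">' . $author[1] . " " . $author[2] . '</a><BR></P>';
                        }

                        $bookslist .= '<P>read by :' . $brow[4] . ' <BR></P>';
                        if (trim($brow[2]) != ""){
                            $bookslist .= getDwonloadBookLink($brow[0]);
                        }
                        $bookslist .= $hLine;

                        $printedbooks += 1;
                    }

                    // next and prev links, only when this page printed something
                    if ($printedbooks > 0 && ($result = mysql_query("SELECT * FROM book_cat WHERE BC_CAT_ID = " . $catID))){

                        $numrecords = mysql_num_rows($result);
                        $numpages = (int) ceil($numrecords / $perPage);
                        $pagenum = "page " . $page . " of " . $numpages;

                        // Only integers and the literal "cat" go into the HREFs.
                        $prevlink = "";
                        if ($page > 1){
                            $prevlink = '<A HREF="index.php?act=lib&cat=cat&page=' . ($page - 1) . '&catID=' . $catID . '"><img src="' . $websitename . '/images/ib_previous.gif" border="0"></A>';
                        }

                        $nextlink = "";
                        if ($numpages > $page){
                            $nextlink = '<A HREF="index.php?act=lib&cat=cat&page=' . ($page + 1) . '&catID=' . $catID . '"><img src="' . $websitename . '/images/ib_next.gif" border="0"></A>';
                        }

                        $navlinks = $prevlink . ' ' . $pagenum . ' ' . $nextlink;
                    }

                }
                else{
                    print "There is an error in the sql statement";
                }

            }

            // prepare and print the table
            $catstable = str_replace("<!--SUBLINKS-->", $catlist, $catstable);
            $catstable = str_replace("<!--BOOKS-->", $bookslist, $catstable);
            $catstable = str_replace("<!--NAVLINKS-->", $navlinks, $catstable);

            $content = $catstable;

        }
        else{

            $content = "Sorry, could not get the sub categories";

        }

    }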
    
    
    
    
    
    // if by author
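    else if ($_GET['cat'] == "auth"){

        // Browse authors by the first letter of the last name.
        //
        // `letter` comes from the query string and is placed inside a quoted LIKE
        // pattern. It used to be concatenated as typed; it is now accepted only when
        // it is exactly one ASCII letter (the only values the navigation bar ever
        // links to) and falls back to "A" otherwise. \A...\z is used instead of
        // ^...$ so a trailing newline is rejected as well.
        // NOTE(review): ext/mysql offers no bound parameters; port to PDO/mysqli
        // prepared statements when this file is moved to a supported PHP.
        $aletter = "A";
        if (isset($_GET['letter']) && is_string($_GET['letter']) && preg_match('/\A[A-Za-z]\z/', $_GET['letter'])){
            $aletter = $_GET['letter'];
        }

        // Prepare the alphabetical list. Letters are collected as a set: the earlier
        // sequential comparison stopped linking every later letter as soon as one
        // last name began with a character outside A-Z, and count() was called on
        // an undefined variable when the table was empty.
        $navlinks = '';
        if ($result = mysql_query("SELECT * FROM authors ORDER BY A_LAST_NAME")){

            $lettersfound = array();
            while ($row = mysql_fetch_row($result)){
                // 'N/A' in the third column marks a row to leave out of the index.
                if ($row[2] != 'N/A'){
                    $lettersfound[strtoupper(substr($row[2], 0, 1))] = true;
                }
            }

            // prepare the links
            foreach (range('A', 'Z') as $linkletter){
                if (isset($lettersfound[$linkletter])){
                    $navlinks .= '<A HREF="index.php?act=lib&cat=auth&letter=' . $linkletter . '">' . $linkletter . '</A> ';
                }
                else{
                    $navlinks .= $linkletter . ' ';
                }
            }

        }

        // display the names with the links
        $sql = "SELECT * FROM authors WHERE A_LAST_NAME LIKE '" . strtolower($aletter) . "%' OR A_LAST_NAME LIKE '" . strtoupper($aletter) . "%'";

        if ($result = mysql_query($sql)){

            // NOTE(review): stored author names are emitted unescaped.
            $alist = '';
            while ($row = mysql_fetch_row($result)){
                // print the lastname, firstname
                $alist .= '<A HREF="view.php?authID=' . $row[0] . '">' . $row[2] . ' ' . $row[1] . '</A> <BR>';
            }

            // prepare and print the table
            $authtable = str_replace("<!--NAVIGATION-->", $navlinks, $authtable);
            $authtable = str_replace("<!--AUTHLIST-->", $alist, $authtable);

            $content = $authtable;

        }
        else{
            // Previously this message was overwritten by the table a few lines later.
            $content = "There was an error during the operation";
        }

    }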
    
    
    
    
    
    // if by book name
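    else if ($_GET['cat'] == "name"){

        // Browse books by the first letter of the title, paged.
        //
        // `letter` and `page` come from the query string. letter used to be
        // concatenated into two quoted LIKE patterns and echoed into the page and
        // its links; page was echoed as typed. letter is now accepted only when it
        // is exactly one ASCII letter (the only values the navigation bar links to,
        // "A" otherwise; \A...\z also rejects a trailing newline) and page is forced
        // to an integer >= 1.
        // NOTE(review): ext/mysql offers no bound parameters; port to PDO/mysqli
        // prepared statements when this file is moved to a supported PHP.
        $aletter = "A";
        if (isset($_GET['letter']) && is_string($_GET['letter']) && preg_match('/\A[A-Za-z]\z/', $_GET['letter'])){
            $aletter = $_GET['letter'];
        }
        $aletterup = strtoupper($aletter);
        $aletterlo = strtolower($aletter);

        $pagenumber = isset($_GET['page']) ? max(1, (int) $_GET['page']) : 1;
        // Never 0: the value is also the pagination divisor.
        $perPage = max(1, (int) $bktoshownum);

        // Prepare the alphabetical list. Letters are collected as a set: the earlier
        // sequential comparison stopped linking every later letter as soon as one
        // title began with a character outside A-Z.
        $navlinks = '';
        if ($result = mysql_query("SELECT B_NAME FROM books ORDER BY B_NAME")){

            $lettersfound = array();
            while ($row = mysql_fetch_row($result)){
                if ($row[0] != 'N/A'){
                    $lettersfound[strtoupper(substr($row[0], 0, 1))] = true;
                }
            }

            // prepare the links
            foreach (range('A', 'Z') as $linkletter){
                if (isset($lettersfound[$linkletter])){
                    $navlinks .= '<A HREF="index.php?act=lib&cat=name&letter=' . $linkletter . '">' . $linkletter . '</A> ';
                }
                else{
                    $navlinks .= $linkletter . ' ';
                }
            }

        }

        // print the books by letter
        $letterFilter = "B_NAME LIKE '" . $aletterlo . "%' OR B_NAME LIKE '" . $aletterup . "%' ";
        $sql = "SELECT * FROM books WHERE " . $letterFilter . "LIMIT " . (($pagenumber - 1) * $perPage) . ", " . $perPage;

        $bookslist = "";
        $result = mysql_query($sql);

        // A failed query simply yields an empty list instead of fetching from false.
        while ($result && ($row = mysql_fetch_row($result))){

            // Reset per book so one book's author is never printed on the next.
            $author = null;
            $authresult = mysql_query("SELECT BA_AUTH_ID FROM bk_auth WHERE BA_BOOK_ID = " . (int) $row[0]);
            if ($authresult && ($authrow = mysql_fetch_row($authresult))){
                $authresult2 = mysql_query("SELECT * FROM authors WHERE A_ID = " . (int) $authrow[0]);
                if ($authresult2 && ($authrow2 = mysql_fetch_row($authresult2))){
                    $author = $authrow2;
                }
            }

            // NOTE(review): stored titles, image paths and author names are emitted unescaped.
            $bookslist .= '<p><a href="view.php?bkID=' . $row[0] . '"><img border="0" width="100" height="150" src="' . $websitename . $row[3] . '"><br>';
            $bookslist .= $row[1] . '</a><br>';
            if ($author !== null && isset($author[2])){
                $bookslist .= 'By: <a href="view.php?authID=' . $author[0] . '">' . $author[1] . " " . $author[2] . '</a><BR></p>';
            }

            $bookslist .= getReadBy($row[4]);
            if (trim($row[2]) != "" && trim($row[2]) != "NULL"){
                $bookslist .= getDwonloadBookLink($row[0]);
            }
            $bookslist .= $hLine;

        }

        // Total page count; a failed count query falls back to 5 records, as before.
        $countResult = mysql_query("SELECT B_ID,B_NAME, B_IMAGE_URL FROM books WHERE " . $letterFilter);
        $numrecords = $countResult ? mysql_num_rows($countResult) : 5;
        $numpages = (int) ceil($numrecords / $perPage);

        $pagenum = "page " . $pagenumber . " of " . $numpages;

        // The old test compared the label text ($pagenum) with 1, so the previous
        // link was never built, and it was left out of the footer as well. Only
        // integers, the validated letter and the literal "name" go into the HREFs.
        $prevlink = "";
        if ($pagenumber > 1){
            $prevlink = '<A HREF="index.php?act=lib&cat=name&letter=' . $aletter . '&page=' . ($pagenumber - 1) . '"><img src="' . $websitename . '/images/ib_previous.gif" border="0"></A>';
        }

        $nextlink = "";
        if ($numpages > $pagenumber){
            $nextlink = '<A HREF="index.php?act=lib&cat=name&letter=' . $aletter . '&page=' . ($pagenumber + 1) . '"><img src="' . $websitename . '/images/ib_next.gif" border="0"></A>';
        }

        $bookslist .= '<P align="right">' . $prevlink . ' ' . $pagenum . ' ' . $nextlink . '</P>';

        // prepare and print the table
        $booktable = str_replace("<!--LETTER-->", $aletter, $booktable);
        $booktable = str_replace("<!--NAVIGATION-->", $navlinks, $booktable);
        $booktable = str_replace("<!--BOOKLIST-->", $bookslist, $booktable);

        $content = $booktable;

    }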






}

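else if ($_GET['act'] == "download"){

    // Streams a book file to the browser and bumps its download counter.
    //
    // Changes from the earlier version:
    //  - BID was concatenated as typed into the SELECT and the UPDATE; it is now
    //    an integer before it reaches either statement;
    //  - the debugging `print $sql` that appended the UPDATE text to the download
    //    is gone;
    //  - the file name placed in Content-Disposition is stripped of quotes and
    //    line breaks;
    //  - the script stops after a successful transfer instead of going on to
    //    append the HTML template to the file body.
    // NOTE(review): ext/mysql offers no bound parameters; port to PDO/mysqli
    // prepared statements when this file is moved to a supported PHP.
    $bookId = isset($_GET['BID']) ? (int) $_GET['BID'] : 0;

    //check for file and send it to browser
    $sql = "SELECT * FROM books WHERE B_ID = " . $bookId;
    if ($result = mysql_query($sql)){

        $row = mysql_fetch_row($result);

        // The stored path (third column) is appended to the working directory.
        // NOTE(review): nothing here confines the path to a downloads folder, so
        // whatever that column holds is served if it names a readable file.
        // Resolving it with realpath() and requiring it to sit under one
        // dedicated directory would close that; the directory is not known from
        // this file - TODO confirm and add.
        $filepath = $row ? getcwd() . $row[2] : '';

        // File name = last path segment, without characters that could break out
        // of the quoted header parameter.
        $filename = str_replace(array('"', "\r", "\n"), '', basename($filepath));

        $status = FALSE;
        if (is_file($filepath)){
            header("Content-type: application/octet-stream");
            header("Content-Disposition: inline; filename=\"".$filename."\"");
            header("Content-length: ".(string)(filesize($filepath)));
            header("Expires: ".gmdate("D, d M Y H:i:s", mktime(date("H")+2, date("i"), date("s"), date("m"), date("d"), date("Y")))." GMT");
            header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
            header("Cache-Control: no-cache, must-revalidate");
            header("Pragma: no-cache");

            if ($file = fopen($filepath, 'rb')) {
                // 8 KiB at a time, stopping early if the client went away.
                while(!feof($file) and (connection_status()==0)) {
                    print(fread($file, 1024*8));
                    flush();
                }
                $status = (connection_status()==0);
                fclose($file);
            }
        }

        if ($status == FALSE) {
            // either the file transfer was incomplete
            // or the file was not found
            die ("file transfer failed");
        }

        // the download was a success: add 1 to the download count
        // presumably the fifth column is B_DOWNLOAD_COUNT; verify against the books table
        $newcount = (int) $row[4] + 1;
        $sql = "UPDATE books SET B_DOWNLOAD_COUNT = '" . $newcount . "' WHERE B_ID = " . $bookId;
        if (!mysql_query($sql)) {
            // The body has already been sent; report to the log, not into the file.
            error_log('error updating count for book ' . $bookId);
        }

        // Nothing may follow the file body.
        mysql_close($link);
        exit;

    }
    else{
        $content = "Could not get this book's information.";
    }

}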





// prepare and send final file

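// No branch above sets $content for an unrecognised act (or act=lib with an
// unknown cat); default both placeholders so the template is filled without
// reading an undefined variable.
if (!isset($content)){
    $content = "";
}
if (!isset($sidebar)){
    $sidebar = "";
}

$output = file_exists($templatefile) ? file_get_contents($templatefile) : false;

if ($output !== false){
    $output = str_replace("<!--CONTENT-->", $content, $output);
    $output = str_replace("<!--SIDEBAR-->", $sidebar, $output);
    // include yields the included file's return value (1 when it returns nothing);
    // presumably banner.php returns the banner markup - verify.
    $banner = include("banner.php");
    $output = str_replace("<!--BANNER-->", $banner, $output);

    print $output;
}
else{
    // Template missing or unreadable.
    print "ERROR";
}


mysql_close ($link);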

?>
